amazonaws.com?

Tony Finch dot at dotat.at
Wed May 28 10:59:39 UTC 2008


On Tue, 27 May 2008, michael.dillon at bt.com wrote:
>
> But a more advanced intelligence will wonder why we have to have an SMTP
> server architecture that invites attacks. Why, by definition, do SMTP
> servers have to accept connections from all comers, by default? We have
> shown that other architectures are workable on the Internet, where
> communications only take place between peers who have prearranged which
> devices talk to which. This worked for USENET news and it works for
> exchanging BGP route announcements.

Of course there's no unwanted traffic on USENET or BGP. Everyone de-peers
Tiscali when their customers' compromised home computers perform DDOS
attacks.

> As long as we don't fix the architecture of Internet email, we
> are stuck with the catch-22 situation that Amazon, and all hosting
> providers find themselves in. These companies really have no choice
> but to allow spammers to exploit their services until the spamming
> is detected, either proactively by the provider, or reactively by
> a complaint to their abuse desk.

Nothing prevents Amazon from implementing a hierarchical email delivery
network for their little corner of the net. They just have to block
outgoing port 25 and require their users to use Amazon's smarthosts.

I don't see how, in your preferred replacement email architecture, a
provider would be able to avoid policing their users to prevent spam
in the way that you complain is so burdensome.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
HUMBER: SOUTHEAST VEERING SOUTHWEST 5 TO 7, PERHAPS GALE 8 LATER. MODERATE OR
ROUGH. THUNDERY RAIN, FOG PATCHES. MODERATE, OCCASIONALLY VERY POOR.




More information about the NANOG mailing list